Threat Intelligence Blog

Weekly Threat Intelligence Brief: April 26, 2017

Posted April 26, 2017

This weekly brief highlights recent threat intelligence news to provide insight into the latest threats to various industries.

Information Security

“For the past few months, an elite hacking group calling itself the Shadow Brokers has sporadically leaked sensitive data from the National Security Agency. On Friday, just when its leaks had appeared to slow, the group released what appears to be its most damaging leak so far: a trove of highly classified hacking tools used to break into various Microsoft systems, along with what it said was evidence that the N.S.A. had infiltrated the backbone of the Middle East’s banking infrastructure.

The timing of the leaks coincides with the United States’ recent shift in policy in Syria, which has escalated the conflict with the Syrian government’s main backer, Russia. The Shadow Brokers wrote in broken English in an online post, which cited the American missile attack on a Syrian air base among other reasons for the leak, that after a hiatus, it had returned to leaking because it was upset that President Trump was abandoning “the peoples who getting you elected.””

Retail

“InterContinental Hotels Group (IHG) reported last week that a huge number of their hotels in the US and Puerto Rico have been compromised with payment card information-slurping malware.

The list of the affected locations is still not complete, but the company has provided a tool that customers can use to check whether the property that they stayed at has been compromised, and during which period.”

Defense

“Chinese President Xi Jinping has announced a restructure of the People’s Liberation Army (PLA) to transform it into a leaner fighting force with improved joint operations and cyber capabilities, state media said.

Centered around a new, condensed structure of 84 units, the reshuffle builds on Xi’s years-long efforts to modernise the PLA with greater emphasis on new capabilities including cyberspace, electronic and information warfare.

As chair of the Central Military Commission, Xi is also commander-in-chief of the armed forces.”

Insurance/Healthcare

“There was a sharp spike in the number of breached patient records as the result of data breach incidents in March, with this month seeing 2.5 times the number of breached records in January and February combined, according to the latest Protenus “Breach Barometer” report.

The Protenus Breach Barometer is a monthly snapshot of reported or disclosed breaches impacting the healthcare industry, with data compiled and provided by DataBreaches.net. This month’s analysis showed 31 breach incidents either reported to the U.S. Department of Health and Human Services or first disclosed in media or other sources, which is the same number of incidents as reported in January.”